Updated by Github Bot

EXP-Tools · Feb 21, 2024 · 7a9132e · 7a9132e
1 parent 1d92a4c
commit 7a9132e
Show file tree

Hide file tree

Showing 3 changed files with 91 additions and 81 deletions.
diff --git a/cache/Tenable (Nessus).dat b/cache/Tenable (Nessus).dat
@@ -168,3 +168,13 @@ ae76cc89624f9fc10e6713d9ba3aacdb
 80caf5cf00cffdeb61c6dcfba2ad4185
 730cca7c11768c0c2cfb4b6966e72be8
 aef9445589ad1fe2c596dddbc16dab7a
+fb1b9927eef0a4cba396cf982cff7609
+7e02e6c9183abb81e3c35e8e73c26539
+8c0af4fbf186136a05550c7bc565f511
+045d1c2a9beb0fdab3654d291b6d0a9d
+e95f63c1153b55442ebbd585208307af
+e87358f0ce0c0d35756b48c37ecd124a
+791a1d6349880e7a7783a7ba90969b19
+911e6a10c7356fa6d13166cc66f28f3e
+5f8b3c0749bc369f74ae79762da2f638
+d163df537e1a603e6d574f72c08f029d
diff --git a/data/cves.db b/data/cves.db
diff --git a/docs/index.html b/docs/index.html
@@ -1,4 +1,4 @@
-<!-- RELEASE TIME : 2024-02-21 09:24:45 -->
+<!-- RELEASE TIME : 2024-02-21 15:23:08 -->
 <html lang="zh-cn">
 
  <head>
@@ -283,6 +283,86 @@ <h2><a href="https://exp-blog.com" target="_blank">眈眈探求</a> | <a href="h
        <th width="43%">TITLE</th>
        <th width="5%">URL</th>
       </tr>
+      <tr>
+       <td>fb1b9927eef0a4cba396cf982cff7609</td>
+       <td>CVE-2023-7235</td>
+       <td>2024-02-21 11:15:07 <img src="imgs/new.gif" /></td>
+       <td>The OpenVPN GUI installer before version 2.6.9 did not set the proper access control restrictions to the installation directory of OpenVPN binaries when using a non-standard installation path, which allows an attacker to replace binaries to run arbitrary executables.</td>
+       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2023-7235">详情</a></td>
+      </tr>
+
+      <tr>
+       <td>7e02e6c9183abb81e3c35e8e73c26539</td>
+       <td>CVE-2024-24837</td>
+       <td>2024-02-21 08:15:46 <img src="imgs/new.gif" /></td>
+       <td>Cross-Site Request Forgery (CSRF) vulnerability in Frédéric GILLES FG PrestaShop to WooCommerce, Frédéric GILLES FG Drupal to WordPress, Frédéric GILLES FG Joomla to WordPress.This issue affects FG PrestaShop to WooCommerce: from n/a through 4.44.3; FG Drupal to WordPress: from n/a through 3.67.0; FG Joomla to WordPress: from n/a through 4.15.0.</td>
+       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-24837">详情</a></td>
+      </tr>
+
+      <tr>
+       <td>8c0af4fbf186136a05550c7bc565f511</td>
+       <td>CVE-2024-24802</td>
+       <td>2024-02-21 08:15:46 <img src="imgs/new.gif" /></td>
+       <td>Cross-Site Request Forgery (CSRF) vulnerability in John Tendik JTRT Responsive Tables.This issue affects JTRT Responsive Tables: from n/a through 4.1.9.</td>
+       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-24802">详情</a></td>
+      </tr>
+
+      <tr>
+       <td>045d1c2a9beb0fdab3654d291b6d0a9d</td>
+       <td>CVE-2024-24798</td>
+       <td>2024-02-21 08:15:45 <img src="imgs/new.gif" /></td>
+       <td>Cross-Site Request Forgery (CSRF) vulnerability in SoniNow Team Debug.This issue affects Debug: from n/a through 1.10.</td>
+       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-24798">详情</a></td>
+      </tr>
+
+      <tr>
+       <td>e95f63c1153b55442ebbd585208307af</td>
+       <td>CVE-2023-52442</td>
+       <td>2024-02-21 08:15:45 <img src="imgs/new.gif" /></td>
+       <td>In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate session id and tree id in compound request `smb2_get_msg()` in smb2_get_ksmbd_tcon() and smb2_check_user_session() will always return the first request smb2 header in a compound request. if `SMB2_TREE_CONNECT_HE` is the first command in compound request, will return 0, i.e. The tree id check is skipped. This patch use ksmbd_req_buf_next() to get current command in compound.</td>
+       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2023-52442">详情</a></td>
+      </tr>
+
+      <tr>
+       <td>e87358f0ce0c0d35756b48c37ecd124a</td>
+       <td>CVE-2023-52441</td>
+       <td>2024-02-21 08:15:45 <img src="imgs/new.gif" /></td>
+       <td>In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix out of bounds in init_smb2_rsp_hdr() If client send smb2 negotiate request and then send smb1 negotiate request, init_smb2_rsp_hdr is called for smb1 negotiate request since need_neg is set to false. This patch ignore smb1 packets after ->need_neg is set to false.</td>
+       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2023-52441">详情</a></td>
+      </tr>
+
+      <tr>
+       <td>791a1d6349880e7a7783a7ba90969b19</td>
+       <td>CVE-2023-52440</td>
+       <td>2024-02-21 08:15:45 <img src="imgs/new.gif" /></td>
+       <td>In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix slub overflow in ksmbd_decode_ntlmssp_auth_blob() If authblob->SessionKey.Length is bigger than session key size(CIFS_KEY_SIZE), slub overflow can happen in key exchange codes. cifs_arc4_crypt copy to session key array from SessionKey from client.</td>
+       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2023-52440">详情</a></td>
+      </tr>
+
+      <tr>
+       <td>911e6a10c7356fa6d13166cc66f28f3e</td>
+       <td>CVE-2024-25905</td>
+       <td>2024-02-21 07:15:57 <img src="imgs/new.gif" /></td>
+       <td>Cross-Site Request Forgery (CSRF) vulnerability in Mondula GmbH Multi Step Form.This issue affects Multi Step Form: from n/a through 1.7.18.</td>
+       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-25905">详情</a></td>
+      </tr>
+
+      <tr>
+       <td>5f8b3c0749bc369f74ae79762da2f638</td>
+       <td>CVE-2024-25904</td>
+       <td>2024-02-21 07:15:56 <img src="imgs/new.gif" /></td>
+       <td>Cross-Site Request Forgery (CSRF) vulnerability in David Stockl TinyMCE and TinyMCE Advanced Professsional Formats and Styles.This issue affects TinyMCE and TinyMCE Advanced Professsional Formats and Styles: from n/a through 1.1.2.</td>
+       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-25904">详情</a></td>
+      </tr>
+
+      <tr>
+       <td>d163df537e1a603e6d574f72c08f029d</td>
+       <td>CVE-2024-24876</td>
+       <td>2024-02-21 07:15:56 <img src="imgs/new.gif" /></td>
+       <td>Cross-Site Request Forgery (CSRF) vulnerability in Janis Elsts Admin Menu Editor.This issue affects Admin Menu Editor: from n/a through 1.12.</td>
+       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-24876">详情</a></td>
+      </tr>
+
       <tr>
        <td>5406867c009510f8d60ac78516fb9366</td>
        <td>CVE-2024-25366</td>
@@ -443,86 +523,6 @@ <h2><a href="https://exp-blog.com" target="_blank">眈眈探求</a> | <a href="h
        <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2023-49109">详情</a></td>
       </tr>
 
-      <tr>
-       <td>0d66ae7ccc8dd80ebc22f0c3f6957e32</td>
-       <td>CVE-2022-45320</td>
-       <td>2024-02-20 05:15:07 <img src="imgs/new.gif" /></td>
-       <td>Liferay Portal before 7.4.3.16 and Liferay DXP before 7.2 fix pack 19, 7.3 before update 6, and 7.4 before update 16 allow remote authenticated users to become the owner of a wiki page by editing the wiki page.</td>
-       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2022-45320">详情</a></td>
-      </tr>
-
-      <tr>
-       <td>4646471a0c45b25814600a90f8600c30</td>
-       <td>CVE-2024-1559</td>
-       <td>2024-02-20 04:15:07 <img src="imgs/new.gif" /></td>
-       <td>The Link Library plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'll_reciprocal' parameter in all versions up to, and including, 7.6 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.</td>
-       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-1559">详情</a></td>
-      </tr>
-
-      <tr>
-       <td>a2f89850112a94f2a032c89752137e3a</td>
-       <td>CVE-2024-1510</td>
-       <td>2024-02-20 03:15:08 <img src="imgs/new.gif" /></td>
-       <td>The WP Shortcodes Plugin — Shortcodes Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's su_tooltip shortcode in all versions up to, and including, 7.0.2 due to insufficient input sanitization and output escaping on user supplied attributes and user supplied tags. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.</td>
-       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-1510">详情</a></td>
-      </tr>
-
-      <tr>
-       <td>e059e0cf26bb3ee1855885f1da552a78</td>
-       <td>CVE-2023-6764</td>
-       <td>2024-02-20 03:15:07 <img src="imgs/new.gif" /></td>
-       <td>A format string vulnerability in a function of the IPSec VPN feature in Zyxel ATP series firmware versions from 4.32 through 5.37 Patch 1, USG FLEX series firmware versions from 4.50 through 5.37 Patch 1, USG FLEX 50(W) series firmware versions from 4.16 through 5.37 Patch 1, and USG20(W)-VPN series firmware versions from 4.16 through 5.37 Patch 1 could allow an attacker to achieve unauthorized remote code execution by sending a sequence of specially crafted payloads containing an invalid pointer; however, such an attack would require detailed knowledge of an affected device’s memory layout and configuration.</td>
-       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2023-6764">详情</a></td>
-      </tr>
-
-      <tr>
-       <td>410a4cdf2a2b270fda48938122ec5f2a</td>
-       <td>CVE-2024-22019</td>
-       <td>2024-02-20 02:15:50 <img src="imgs/new.gif" /></td>
-       <td>A vulnerability in Node.js HTTP servers allows an attacker to send a specially crafted HTTP request with chunked encoding, leading to resource exhaustion and denial of service (DoS). The server reads an unbounded number of bytes from a single connection, exploiting the lack of limitations on chunk extension bytes. The issue can cause CPU and network bandwidth exhaustion, bypassing standard safeguards like timeouts and body size limits.</td>
-       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-22019">详情</a></td>
-      </tr>
-
-      <tr>
-       <td>17905e065803d0bd1a441091a1ff6226</td>
-       <td>CVE-2024-21896</td>
-       <td>2024-02-20 02:15:50 <img src="imgs/new.gif" /></td>
-       <td>The permission model protects itself against path traversal attacks by calling path.resolve() on any paths given by the user. If the path is to be treated as a Buffer, the implementation uses Buffer.from() to obtain a Buffer from the result of path.resolve(). By monkey-patching Buffer internals, namely, Buffer.prototype.utf8Write, the application can modify the result of path.resolve(), which leads to a path traversal vulnerability. This vulnerability affects all users using the experimental permission model in Node.js 20 and Node.js 21. Please note that at the time this CVE was issued, the permission model is an experimental feature of Node.js.</td>
-       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-21896">详情</a></td>
-      </tr>
-
-      <tr>
-       <td>26cf2b8d93f0d2e231b88096da61bb07</td>
-       <td>CVE-2024-21892</td>
-       <td>2024-02-20 02:15:50 <img src="imgs/new.gif" /></td>
-       <td>On Linux, Node.js ignores certain environment variables if those may have been set by an unprivileged user while the process is running with elevated privileges with the only exception of CAP_NET_BIND_SERVICE. Due to a bug in the implementation of this exception, Node.js incorrectly applies this exception even when certain other capabilities have been set. This allows unprivileged users to inject code that inherits the process's elevated privileges.</td>
-       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-21892">详情</a></td>
-      </tr>
-
-      <tr>
-       <td>49117bdf3e9e64afb34825bb65e341a2</td>
-       <td>CVE-2024-21891</td>
-       <td>2024-02-20 02:15:50 <img src="imgs/new.gif" /></td>
-       <td>Node.js depends on multiple built-in utility functions to normalize paths provided to node:fs functions, which can be overwitten with user-defined implementations leading to filesystem permission model bypass through path traversal attack. This vulnerability affects all users using the experimental permission model in Node.js 20 and Node.js 21. Please note that at the time this CVE was issued, the permission model is an experimental feature of Node.js.</td>
-       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-21891">详情</a></td>
-      </tr>
-
-      <tr>
-       <td>dc6862fc5bc61e848b6fe4fe1f708ad8</td>
-       <td>CVE-2024-21890</td>
-       <td>2024-02-20 02:15:50 <img src="imgs/new.gif" /></td>
-       <td>The Node.js Permission Model does not clarify in the documentation that wildcards should be only used as the last character of a file path. For example: ``` --allow-fs-read=/home/node/.ssh/*.pub ``` will ignore `pub` and give access to everything after `.ssh/`. This misleading documentation affects all users using the experimental permission model in Node.js 20 and Node.js 21. Please note that at the time this CVE was issued, the permission model is an experimental feature of Node.js.</td>
-       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-21890">详情</a></td>
-      </tr>
-
-      <tr>
-       <td>309008d8575ca9f2384d90f932d57f5b</td>
-       <td>CVE-2024-0715</td>
-       <td>2024-02-20 02:15:49 <img src="imgs/new.gif" /></td>
-       <td>Expression Language Injection vulnerability in Hitachi Global Link Manager on Windows allows Code Injection.This issue affects Hitachi Global Link Manager: before 8.8.7-03.</td>
-       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-0715">详情</a></td>
-      </tr>
-
      </tbody>
     </table>
    </div>